summaryrefslogtreecommitdiff
path: root/source3/winbindd
diff options
context:
space:
mode:
authorMichael Adam <obnox@samba.org>2010-06-16 16:07:55 +0200
committerMichael Adam <obnox@samba.org>2010-08-14 02:10:42 +0200
commit24ff45ff4dd01d0ea5db7e7b182c8a4c8a9df761 (patch)
treeb53f70546e9eb829fd6dfa8c1eaa52d909ee21fb /source3/winbindd
parentdc4d838401787a5754d2114ba94029bef2a19f6d (diff)
downloadsamba-24ff45ff4dd01d0ea5db7e7b182c8a4c8a9df761.tar.gz
samba-24ff45ff4dd01d0ea5db7e7b182c8a4c8a9df761.tar.bz2
samba-24ff45ff4dd01d0ea5db7e7b182c8a4c8a9df761.zip
s3:idmap: parse ranges and "read only" in idmap_init_domain().
Diffstat (limited to 'source3/winbindd')
-rw-r--r--source3/winbindd/idmap.c78
1 files changed, 78 insertions, 0 deletions
diff --git a/source3/winbindd/idmap.c b/source3/winbindd/idmap.c
index c547262d81..c4d26d8646 100644
--- a/source3/winbindd/idmap.c
+++ b/source3/winbindd/idmap.c
@@ -229,6 +229,84 @@ static struct idmap_domain *idmap_init_domain(TALLOC_CTX *mem_ctx,
goto fail;
}
+ /*
+ * load ranges and read only information from the config
+ */
+ if (strequal(result->name, "*")) {
+ /*
+ * The default domain "*" is configured differently
+ * from named domains.
+ */
+ uid_t low_uid = 0;
+ uid_t high_uid = 0;
+ gid_t low_gid = 0;
+ gid_t high_gid = 0;
+
+ result->low_id = 0;
+ result->high_id = 0;
+
+ if (!lp_idmap_uid(&low_uid, &high_uid)) {
+ DEBUG(1, ("Error: 'idmap uid' not set!\n"));
+ goto fail;
+ }
+
+ result->low_id = low_uid;
+ result->high_id = high_uid;
+
+ if (!lp_idmap_gid(&low_gid, &high_gid)) {
+ DEBUG(1, ("Error: 'idmap gid' not set!\n"));
+ goto fail;
+ }
+
+ if ((low_gid != low_uid) || (high_gid != high_uid)) {
+ DEBUG(1, ("Warning: 'idmap uid' and 'idmap gid'"
+ " ranges do not agree -- building "
+ "intersection\n"));
+ result->low_id = MAX(result->low_id, low_gid);
+ result->high_id = MIN(result->high_id, high_gid);
+ }
+
+ result->read_only = lp_idmap_read_only();
+ } else {
+ char *config_option = NULL;
+ const char *range;
+
+ config_option = talloc_asprintf(result, "idmap config %s",
+ result->name);
+ if (config_option == NULL) {
+ DEBUG(0, ("Out of memory!\n"));
+ goto fail;
+ }
+
+ range = lp_parm_const_string(-1, config_option, "range", NULL);
+ if (range == NULL) {
+ DEBUG(1, ("Error: idmap range not specified for "
+ "domain %s\n", result ->name));
+ goto fail;
+ }
+
+ if (sscanf(range, "%u - %u", &result->low_id, &result->high_id)
+ != 2)
+ {
+ DEBUG(1, ("Error: invalid range '%s' specified for "
+ "domain %s\n", range, result->name));
+ goto fail;
+ }
+
+ result->read_only = lp_parm_bool(-1, config_option, "read only",
+ false);
+
+ talloc_free(config_option);
+ }
+
+ if (result->low_id > result->high_id) {
+ DEBUG(1, ("Error: invalid idmap range detected: "
+ "%lu - %lu\n",
+ (unsigned long)result->low_id,
+ (unsigned long)result->high_id));
+ goto fail;
+ }
+
result->methods = get_methods(modulename);
if (result->methods == NULL) {
DEBUG(3, ("idmap backend %s not found\n", modulename));